Brussels Expo Privacy Charter (B2C)



1.       Introduction

Brussels Expo (hereafter “us” or “we”) appreciates your interest in its products, services and website. We want you to know how we collect, process and keep your personal data, which we aim to do with respect for your rights. We also want you to be aware of these rights. For this reason, we invite you to read this charter carefully. If you have any questions at all about the processing of your data or if you have any queries about information given in this charter, we invite you to contact us at the address “”.


2.       What do the law and the regulations say about this issue?

We strive to respect your rights concerning privacy and data protection. Although we try to offer guarantees going beyond the applicable laws and regulations on this matter, - we have taken organisational and technical measures to meet the provisions of the Belgian Data Protection Act of 30/07/2018 with regard to the protection of natural persons with regard to the processing of personal data and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016, commonly known as the General Data Protection Regulations (hereafter GDPR).

3.       What concepts will be useful for you in understanding this charter?



4.       Who we are? 

The not-for-profit association Parc des Expositions de Bruxelles, known in abbreviated form as “Brussels Expo”, has its registered address at 1, Place de Belgique, B-1020 Brussels. VAT nº: BE 0406655573.

Each person or organisation processing personal data must determine whether it is processing this data as a controller or a processor. This distinction in the processing of personal data is very important. It seems appropriate for us at this stage to present you with our activities and vision, as well as our relationship with our partners.


Our mission is to promote and develop a meeting venue highlighting economic, commercial, industrial, scientific, cultural, and entertainment activities, particularly through the various sites we have been granted by the City of Brussels. For this purpose, we carry out all activities we consider useful or necessary, particularly providing all services directly or indirectly connected with organising fairs and shows, congresses, conferences, exhibitions, concerts, festivals and other events. Part of our mission is also to continually improve the experience of customers visiting our site. We establish our activities in pursuit of these aims, supported by several partners.

We are always concerned to offer a diversified programme of activities and we also try to offer a full service to event organisers in order to attract diverse events that may be of interest both to the general public and to specific groups. More broadly, in terms of our particular position, we perform an important task coordinating the events and providing an overall strategy with a view to achieving our principal mission. We also have the power to decide on the events to be organised and we try to adopt a strategy coherent with our wish to develop the sites entrusted to us.

As a result of this particular position, when a data subject holds a ticket for an event, that person is always linked both to Brussels Expo and to the organiser of the event he or she wishes to attend. These two different organisations are therefore both data controllers as defined above.

In order to obtain full information, you are therefore invited to read our privacy charter, on one hand, and, on the other, that of the organiser of the event you wish to attend.

5.       What does this charter cover?

The purpose of this charter is to explain which data (information) about you we collect, the way this data is processed and the reason for such processing.  Through this document, we inform you of our commitments and your rights concerning the protection of your personal data.

This charter covers all personal data collected by Brussels Expo in the context of all its activities: fairs and shows, congresses, conferences, exhibitions, concerts, festivals and other events using the following means:


When you give us your personal data by one of these means, or by any other means, you must provide us with true information about yourself.


6.       What are our principles concerning data protection?


Your personal data and your privacy are important to us. It is priority for us that you trust us. We try to process your data lawfully, in a transparent manner, faithfully and responsibly. We make every effort to adopt the appropriate organisational and technical measures to protect your data. Finally, we make an effort to collect as little data as possible about you while still achieving our aims.

7.       The data we collect, how we process it and why 


We do not process sensitive data in relation to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, health or a natural person’s sex life or sexual orientation. We do not process genetic or biometric data. If it was ever strictly necessary to process sensitive data, you would be duly informed in advance.


We do not authorise sales to children aged under 16 and we do not process personal data relating to children.


The data we collect and process is the data that you have voluntarily given us or one of our subcontractors/partners. For certain operations involving orders, you may give data about yourself to third parties via their own services – specifically when you make payments. We do not hold this data: its collection and processing is governed by the conditions of the parties concerned. We invite you to consult their terms and conditions before giving your data in such a situation. 





8.       What is the basis for us processing your data?



9.       How we protect your data 

We have established the necessary organisational and technical measures, proportional to the risk of breach of your rights, in order to protect your personal data.  Our security measures are regularly assessed and adapted in order to ensure a permanently high level of protection.


10.   With whom do we share your data? 

We promise not to pass on or sell your personal data to third parties other than our subsidiaries, our processors and our direct partners whose intervention is necessary to achieve the aforementioned purposes.


In the context of the organisation of an event, we share your personal data with:

Your personal data will be sent to a third country only if an event organiser has its headquarters in a third country and no representative in Europe. On the day this charter is published, all the organisers we work with have establishments within the European Union. You will be informed of any data transfer outside the European Union when you order your ticket for an event.

11.   How long do we keep your data? 

All data provided is stored in our files and given to the organiser of the event for which you have booked a ticket, as the case may be. We invite you to examine the organiser’s charter to find out about its policy on storing data. How long it is kept depends on the processing carried out. Your data will be kept by Brussels Expo for five years from your last purchase, except for processing based on our legitimate interest (five years from the last contact with you) and processing justified by the legal obligations we are subject to. We do not keep your payment data.

12.   What are your rights? 

You are in charge of your personal data and its processing. We make every effort to ensure your rights are respected. So that you can manage your personal data better, you need to know that you have:

We try to comply with your requests to exercise your rights as quickly and efficiently as possible. We inform you, though, that, in certain situations described in the applicable laws and regulations on this issue, we have the right to refuse to allow you to exercise certain rights when this is justified by the situation and allowed by data protection regulations. We try to notify you of our refusal immediately, giving reasons, so you can understand why we cannot proceed with your request.

We are trying to establish a dynamic platform allowing you to exercise your rights at all times. While this platform is being developed, we invite you to exercise your rights by sending an e-mail to the address:

Important: before giving us your personal data, bear in mind that, if we receive a request to exercise one of your rights, we have no choice but to give out personal data concerning you. For this purpose, our power to check the identity of the data subject behind the request is limited. In accordance with our principle of restricting data collection to the data strictly necessary for achieving our purposes, we try not to collect additional data in order to verify your identity. We therefore consider that any request to exercise your rights coming from your account or your registered e-mail address is sufficient evidence of your identity. We invite you to register with your own e-mail address and urge you to be careful with securing it.

13.   Where can I complain if my rights are breached?

If there is a problem, you can, of course, contact us at the address so that we can help you better. You also always have the right to complain to the data protection authority. Further information on

14.   Updates to our privacy policy

Our privacy protection policy may be extended or adapted in future, for example if there are new developments. We advise you to consult this privacy policy regularly.

Date of the last update: 04/10/2018